CVE-2025-54307
- EPSS 0.39%
- Veröffentlicht 04.12.2025 15:15:59
- Zuletzt bearbeitet 16.12.2025 18:46:24
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. Th...
CVE-2025-54303
- EPSS 0.06%
- Veröffentlicht 04.12.2025 00:00:00
- Zuletzt bearbeitet 16.12.2025 21:00:13
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The ...
CVE-2025-54305
- EPSS 0.03%
- Veröffentlicht 04.12.2025 00:00:00
- Zuletzt bearbeitet 16.12.2025 18:50:09
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTE_ADDR property in request.META is set to ...
CVE-2025-54306
- EPSS 0.31%
- Veröffentlicht 04.12.2025 00:00:00
- Zuletzt bearbeitet 16.12.2025 18:47:26
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when processing network configu...